Minimizing Risk Through Minimizing Model-Data Interaction: A Protocol For Relying on Proxy Tasks When Designing Child Sexual Abuse Imagery Detection Models
- URL: http://arxiv.org/abs/2505.06621v1
- Date: Sat, 10 May 2025 12:10:55 GMT
- Title: Minimizing Risk Through Minimizing Model-Data Interaction: A Protocol For Relying on Proxy Tasks When Designing Child Sexual Abuse Imagery Detection Models
- Authors: Thamiris Coelho, Leo S. F. Ribeiro, João Macedo, Jefersson A. dos Santos, Sandra Avila
- Abstract summary: Child sexual abuse imagery (CSAI) is an ever-growing concern of our modern world. To ease this burden researchers have explored methods for automating data triage and detection of CSAI. We formalize a definition of "Proxy Tasks", i.e., the substitute tasks used for training models for CSAI without making use of CSA data.
- Score: 7.47716232790068
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: The distribution of child sexual abuse imagery (CSAI) is an ever-growing concern of our modern world; children who suffered from this heinous crime are revictimized, and the growing amount of illegal imagery distributed overwhelms law enforcement agents (LEAs) with the manual labor of categorization. To ease this burden researchers have explored methods for automating data triage and detection of CSAI, but the sensitive nature of the data imposes restricted access and minimal interaction between real data and learning algorithms, avoiding leaks at all costs. In observing how these restrictions have shaped the literature we formalize a definition of "Proxy Tasks", i.e., the substitute tasks used for training models for CSAI without making use of CSA data. Under this new terminology we review current literature and present a protocol for making conscious use of Proxy Tasks together with consistent input from LEAs to design better automation in this field. Finally, we apply this protocol to study -- for the first time -- the task of Few-shot Indoor Scene Classification on CSAI, showing a final model that achieves promising results on a real-world CSAI dataset whilst having no weights actually trained on sensitive data.
Related papers
- Addressing The Devastating Effects Of Single-Task Data Poisoning In Exemplar-Free Continual Learning [11.525308323843852]
Research addresses the overlooked security concerns related to data poisoning in continual learning (CL). Data poisoning was recently shown to be a threat to CL training stability. In contrast to previously proposed poisoning settings, adversaries lack knowledge and access to the model.
arXiv Detail & Related papers (2025-07-05T17:26:52Z) - Rethinking Data Protection in the (Generative) Artificial Intelligence Era [115.71019708491386]
We propose a four-level taxonomy that captures the diverse protection needs arising in modern (generative) AI models and systems. Our framework offers a structured understanding of the trade-offs between data utility and control, spanning the entire AI pipeline.
arXiv Detail & Related papers (2025-07-03T02:45:51Z) - No Query, No Access [50.18709429731724]
We introduce the Victim Data-based Adversarial Attack (VDBA), which operates using only victim texts. To prevent access to the victim model, we create a shadow dataset with publicly available pre-trained models and clustering methods. Experiments on the Emotion and SST5 datasets show that VDBA outperforms state-of-the-art methods, achieving an ASR improvement of 52.08%.
arXiv Detail & Related papers (2025-05-12T06:19:59Z) - AgentDAM: Privacy Leakage Evaluation for Autonomous Web Agents [75.85554113398626]
We develop a benchmark called AgentDAM to evaluate how well existing and future AI agents can limit processing of potentially private information. Our benchmark simulates realistic web interaction scenarios and is adaptable to all existing web navigation agents.
arXiv Detail & Related papers (2025-03-12T19:30:31Z) - Ensuring Medical AI Safety: Explainable AI-Driven Detection and Mitigation of Spurious Model Behavior and Associated Data [14.991686165405959]
We introduce a semi-automated framework for the identification of spurious behavior from both data and model perspective. This allows the retrieval of spurious data points and the detection of model circuits that encode the associated prediction rules. We show the applicability of our framework using four medical datasets, featuring controlled and real-world spurious correlations.
arXiv Detail & Related papers (2025-01-23T16:39:09Z) - Detecting sexually explicit content in the context of the child sexual abuse materials (CSAM): end-to-end classifiers and region-based networks [0.0]
Child sexual abuse materials (CSAM) pose a significant threat to the safety and well-being of children worldwide.
This study presents methods for classifying sexually explicit content, which plays a crucial role in the automated CSAM detection system.
arXiv Detail & Related papers (2024-06-20T09:21:08Z) - The Frontier of Data Erasure: Machine Unlearning for Large Language Models [56.26002631481726]
Large Language Models (LLMs) are foundational to AI advancements.
LLMs pose risks by potentially memorizing and disseminating sensitive, biased, or copyrighted information.
Machine unlearning emerges as a cutting-edge solution to mitigate these concerns.
arXiv Detail & Related papers (2024-03-23T09:26:15Z) - Protecting Publicly Available Data With Machine Learning Shortcuts [3.8709855706783105]
We show that even simple shortcuts are difficult to detect by explainable AI methods.
We then exploit this fact and design an approach to defend online databases against crawlers.
We show that a deterrent can be created by deliberately adding ML shortcuts.
arXiv Detail & Related papers (2023-10-30T09:38:03Z) - Assessing Privacy Risks in Language Models: A Case Study on Summarization Tasks [65.21536453075275]
We focus on the summarization task and investigate the membership inference (MI) attack.
We exploit text similarity and the model's resistance to document modifications as potential MI signals.
We discuss several safeguards for training summarization models to protect against MI attacks and discuss the inherent trade-off between privacy and utility.
arXiv Detail & Related papers (2023-10-20T05:44:39Z) - From Zero to Hero: Detecting Leaked Data through Synthetic Data Injection and Model Querying [10.919336198760808]
We introduce a novel methodology to detect leaked data that are used to train classification models.
LDSS involves injecting a small volume of synthetic data--characterized by local shifts in class distribution--into the owner's dataset.
This enables the effective identification of models trained on leaked data through model querying alone.
arXiv Detail & Related papers (2023-10-06T10:36:28Z) - DAD++: Improved Data-free Test Time Adversarial Defense [12.606555446261668]
We propose a test time Data-free Adversarial Defense (DAD) containing detection and correction frameworks.
We conduct a wide range of experiments and ablations on several datasets and network architectures to show the efficacy of our proposed approach.
Our DAD++ gives an impressive performance against various adversarial attacks with a minimal drop in clean accuracy.
arXiv Detail & Related papers (2023-09-10T20:39:53Z) - Privacy Adhering Machine Un-learning in NLP [66.17039929803933]
In the real world, industry uses Machine Learning to build models on user data.
Such mandates require effort both in terms of data as well as model retraining.
Continuous removal of data and model retraining steps do not scale.
We propose Machine Unlearning to tackle this challenge.
arXiv Detail & Related papers (2022-12-19T16:06:45Z) - On the Evaluation of User Privacy in Deep Neural Networks using Timing Side Channel [14.350301915592027]
We identify and report a novel data-dependent timing side-channel leakage (termed Class Leakage) in Deep Learning (DL) implementations.
We demonstrate a practical inference-time attack where an adversary with user privilege and hard-label blackbox access to an ML can exploit Class Leakage.
We develop an easy-to-implement countermeasure by making a constant-time branching operation that alleviates the Class Leakage.
arXiv Detail & Related papers (2022-08-01T19:38:16Z) - Semi-Supervised Temporal Action Detection with Proposal-Free Masking [134.26292288193298]
We propose a novel Semi-supervised Temporal action detection model based on PropOsal-free Temporal mask (SPOT).
SPOT outperforms state-of-the-art alternatives, often by a large margin.
arXiv Detail & Related papers (2022-07-14T16:58:47Z)
This list is automatically generated from the titles and abstracts of the papers in this site.